Case Study: Saint Luke's Health System achieves streamlined HIPAA auditing and faster privacy investigations with FairWarning

Streamlining HIPAA Auditing with FairWarning

Saint Luke’s Health System, a not‑for‑profit network founded in 1882 that operates 11 hospitals and 5 clinics with 920 beds and about 9,000 employees, needed to improve information availability while protecting patient privacy and meeting HIPAA/HITECH and other regulatory requirements. Their privacy office relied on IT to pull application audit logs, causing week‑long turnarounds and time‑consuming manual reviews that hindered timely audits and investigations.

Saint Luke’s implemented FairWarning in 2008 to centralize clinical application audit logs, provide role‑based access, and enable proactive monitoring across key McKesson systems. The solution automated reporting and made audits runnable in minutes instead of 24+ hours, producing a steep decline in inappropriate accesses, faster investigations, consistent regulatory compliance without added staff, and a measurable shift toward a stronger privacy culture.

Saint Luke's Health System

Dave Wiseman

Chief Privacy Officer, Information Security Manager